Ashar Aziz is the 'new kid on the block' when it comes to the IT security industry. Aziz is the founder of California-headquartered FireEye, one of the fastest growing security companies of today. Last year, Forbes recognized FireEye as "Silicon Valley's Hottest Security Start-up". Aziz is also Vice Chairman of the Board, CTO and Chief Strategy Officer of FireEye which was established in 2005. During his recent visit to India, Aziz spoke extensively to CIO Magazine on why it has now become imperative for Indian CISOs to align with their company's vision to fight next-generation threats.FireEye has been in the technology limelight over the past couple of years. What is the company up to?
Enterprises across government, BFSI, and high-end technology--to name a few verticals--throughout the world have now understood and recognized the value of deploying FireEye solutions in their security architecture. A majority of Fortune 500 companies today run on FireEye. We are the only company in the world to protect enterprises against next-generation threats through a multi-vector approach, be it Web, file, mobile or e-mail. The USP that sets us apart from our competitors is that the security analysis happens on our appliances and within the network of the enterprises. At this point of time, we have 40 to 50 patents pending on different technologies in the security space, and there are many more to follow in the near future. We will continue to raise the bar in terms of innovation for next-generation threats, which is also reflected well in our current product offerings.What are the short-term and long-term benefits for CIOs or CISOs in choosing FireEye, which in all fairness is a relatively new player in the market?
The benefit really is the comprehensive protection of network, IP, confidential personal as well as financial data. These are the most important things that CISOs need to protect. It is part of the security value they (CISOs) provide to their customers. We can demonstrate with POC that without FireEye technology, they are not only vulnerable to attacks, but also continually exposed to instances when security can be easily compromised. Also, the value of a brand falls if they fail to protect their customers' data. Take Sony for example. They lost a huge market cap due to the massive security breach. The value we bring in the enterprise network is the very basic protection from all types of threats, especially next-generation ones like Zero Day attacks and APTs. ALSO READ: FireEye Outlines India Strategy to Secure APT LandscapeWhat would your advice be to CISOs of Indian organizations? What pitfalls should they avoid to reduce complexity in their company's security posture?
The first unbiased advice I would offer any CISO is to do his/her own research on the threat landscape. They have to look at the structure of attacks and how the attackers work. Only then can they think about what the defensive architecture should look like. Do not take a vendor's claim of protection against threats at face value. Do your own homework, and if you feel that vendors are making similar noises about a technology, pit them against each other in your network. Compare them on daily count. We tend to win such comparison tests almost always because our technology is well-equipped and much ahead of competition to tackle next-generation threats. This again reiterates the fact that modern enterprises need an advanced line of defense against these threats.
Sign up for CIO Asia eNewsletters.